Use
At this point, the developer is ready to request a cluster. To get access to the environment, note that the developer
- Does not need to have any knowledge of Terraform or other IaC frameworks
- Does not need access to privileged credentials for GCP
- Does not need any help from the Platform team to deploy their environment
Important
Ensure that the developer is assigned to a group that has the "Environment Template User role" in the project. This will provide the developer the ability to create the new cluster based environment via self-service.
Request Cluster¶
When a developer requests a cluster, a series of steps are automatically performed to fulfil the request. The sequence diagram below describes the high level steps.
Important
Although the recommended workflow assumes and recommends using an Integration with an Identity Provider (IdP) to provide a Single Sign On (SSO) experience, organizations can also use locally managed users.
sequenceDiagram
participant dev as Developer
participant rafay as Rafay Platform
participant csp as GCP
participant idp as Identity Provider
dev->>rafay: Login (Opt. SSO)
dev->>rafay: Creates Environment
rafay->>csp: Create Project
rafay->>csp: Deploy Cluster
rect rgba(0, 0, 255, .1)
opt SSO via Identity Provider
rafay-->>idp: Create Group for k8s cluster
rafay-->>idp: Add developer to Group
end
rafay->>rafay: Create Group in Rafay
rafay->>rafay: Add Project Admin and Cluster Admin <br>RBAC to Group
rafay->>rafay: Add User to Group
end
dev-->>app: Developer uses ClusterNote
Once the developer logs into the Rafay Org after the the environment is created (SSO using Identity Provider recommended), they will automatically have access to their specific cluster they have been authorized to use. The necessary RBAC to the assigned Kubernetes namespace is orchestrated automatically by Rafay Kubernetes Manager.
Step 1: Configure Environment¶
In this step, a developer will configure their Kubernetes Cluster environment using the provided environment template. Once the Cluster is created, the developer will be automatically provided access to the Cluster with a role with which they can administer the cluster.
- Log into the controller and select your project
- Navigate to Environments -> Environments
- Click New Environment
- Enter gke-cluster1 for the name
- Select the existing environment template
- Select the environment template version
- Click Create
- Click Save
Step 2: Deploy Environment¶
The developer can now deploy the environment. Environment Manager will automatically create a Cluster, configure the Cluster project with the specified policies and assign the proper RBAC to allow the developer with the privileges to manage resources in the newly created Cluster.
- Developer logs in and navigates to the project
- Navigate to Environments -> Environments
- Click on the gke-cluster1 environment
- Click Deploy
The environment will begin to deploy. This step can take ~25 minutes to complete.
Step 3: Use Cluster¶
Once the environment has finished deploying, the developer can use the newly deployed Cluster. They can deploy and operate containerized applications to the newly created cluster. The typical steps are as follows
- Build a container image
- Upload the container image to a container registry (e.g. ECR or DockerHub)
- Create Kubernetes YAML for the container image
- Deploy the application to the cluster using either Kubectl or Helm or Rafay workloads.
Access Cluster¶
Developers can optionally use the steps below to access the Cluster that is created for them.
- Log into the controller
- Search for project gke-cluster1 (A project with the same name as the environment resource name is created for the Cluster)
- Click the gke-cluster1 project name
- Navigate to Infrastructure -> Clusters
You will see the provisioned Cluster available for use.
Summary¶
In summary, with Rafay, developers can now develop, deploy and validate their applications on GKE Clusters that was provisioned for them in a "self-service" manner.